Remove tetragon.enableCiliumAPI option

Tetragon no longer depends on Cilium. Signed-off-by: Michi Mutsuzaki <michi@isovalent.com>
cilium · Oct 2, 2023 · 1977c5f · 1977c5f
1 parent 8717bb2
commit 1977c5f
Show file tree

Hide file tree

Showing 10 changed files with 268 additions and 332 deletions.
diff --git a/cmd/tetragon/conf_test.go b/cmd/tetragon/conf_test.go
diff --git a/cmd/tetragon/flags.go b/cmd/tetragon/flags.go
@@ -29,7 +29,6 @@ const (
 
 	keyEnableK8sAPI           = "enable-k8s-api"
 	keyK8sKubeConfigPath      = "k8s-kubeconfig-path"
-	keyEnableCiliumAPI        = "enable-cilium-api"
 	keyEnableProcessAncestors = "enable-process-ancestors"
 
 	keyMetricsServer      = "metrics-server"
@@ -95,7 +94,6 @@ func readAndSetFlags() {
 
 	option.Config.EnableProcessCred = viper.GetBool(keyEnableProcessCred)
 	option.Config.EnableProcessNs = viper.GetBool(keyEnableProcessNs)
-	option.Config.EnableCilium = viper.GetBool(keyEnableCiliumAPI)
 	option.Config.EnableK8s = viper.GetBool(keyEnableK8sAPI)
 	option.Config.K8sKubeConfigPath = viper.GetString(keyK8sKubeConfigPath)
 

diff --git a/cmd/tetragon/main.go b/cmd/tetragon/main.go
@@ -700,7 +700,6 @@ func execute() error {
 	flags.String(keyLogFormat, "text", "Set log format")
 	flags.Bool(keyEnableK8sAPI, false, "Access Kubernetes API to associate Tetragon events with Kubernetes pods")
 	flags.String(keyK8sKubeConfigPath, "", "Absolute path of the kubernetes kubeconfig file")
-	flags.Bool(keyEnableCiliumAPI, false, "Access Cilium API to associate Tetragon events with Cilium endpoints and DNS cache")
 	flags.Bool(keyEnableProcessAncestors, true, "Include ancestors in process exec events")
 	flags.String(keyMetricsServer, "", "Metrics server address (e.g. ':2112'). Disabled by default")
 	flags.String(keyServerAddress, "localhost:54321", "gRPC server address (e.g. 'localhost:54321' or 'unix:///var/run/tetragon/tetragon.sock'")

diff --git a/docs/content/en/docs/reference/helm-chart.md b/docs/content/en/docs/reference/helm-chart.md
@@ -63,7 +63,6 @@ To use [the values available](#values), with `helm install` or `helm upgrade`, u
 | tetragon.argsOverride | list | `[]` |  |
 | tetragon.btf | string | `""` |  |
 | tetragon.commandOverride | list | `[]` |  |
-| tetragon.enableCiliumAPI | bool | `false` |  |
 | tetragon.enableK8sAPI | bool | `true` |  |
 | tetragon.enableMsgHandlingLatency | bool | `false` |  |
 | tetragon.enablePolicyFilter | bool | `false` |  |

diff --git a/docs/content/en/docs/reference/tetragon-configuration.md b/docs/content/en/docs/reference/tetragon-configuration.md
@@ -26,7 +26,6 @@ Flags:
       --data-cache-size int                       Size of the data events cache (default 1024)
   -d, --debug                                     Enable debug messages. Equivalent to '--log-level=debug'
       --disable-kprobe-multi                      Allow to disable kprobe multi interface
-      --enable-cilium-api                         Access Cilium API to associate Tetragon events with Cilium endpoints and DNS cache
       --enable-export-aggregation                 Enable JSON export aggregation
       --enable-k8s-api                            Access Kubernetes API to associate Tetragon events with Kubernetes pods
       --enable-msg-handling-latency               Enable metrics for message handling latency

diff --git a/docs/security-observability-with-ebpf/03_chapter/01_installation/hubble-fgs-values.yaml b/docs/security-observability-with-ebpf/03_chapter/01_installation/hubble-fgs-values.yaml
@@ -12,7 +12,6 @@ hubble-enterprise:
     image:
       tag: v1.6.0
     enabled: true
-    enableCiliumAPI: false
     exportFilename: "fgs.log"
     extraArgs:
-      "enable-process-cred": true
+      "enable-process-cred": true
diff --git a/examples/configuration/tetragon.yaml b/examples/configuration/tetragon.yaml
@@ -14,7 +14,6 @@ config-dir:
 tracing-policy:
 debug: false
 disable-kprobe-multi: false
-enable-cilium-api: false
 enable-export-aggregation: false
 enable-k8s-api: false
 enable-process-ancestors: true

diff --git a/install/kubernetes/README.md b/install/kubernetes/README.md
@@ -46,7 +46,6 @@ Helm chart for Tetragon
 | tetragon.argsOverride | list | `[]` |  |
 | tetragon.btf | string | `""` |  |
 | tetragon.commandOverride | list | `[]` |  |
-| tetragon.enableCiliumAPI | bool | `false` |  |
 | tetragon.enableK8sAPI | bool | `true` |  |
 | tetragon.enableMsgHandlingLatency | bool | `false` |  |
 | tetragon.enablePolicyFilter | bool | `false` |  |

diff --git a/install/kubernetes/templates/tetragon_configmap.yaml b/install/kubernetes/templates/tetragon_configmap.yaml
@@ -29,9 +29,6 @@ data:
 {{- if .Values.tetragon.enableK8sAPI }}
   enable-k8s-api: "true"
 {{- end }}
-{{- if .Values.tetragon.enableCiliumAPI }}
-  enable-cilium-api: "true"
-{{- end }}
 {{- if .Values.tetragon.prometheus.enabled }}
   metrics-server: {{ .Values.tetragon.prometheus.address }}:{{ .Values.tetragon.prometheus.port }}
 {{- else }}

diff --git a/install/kubernetes/values.yaml b/install/kubernetes/values.yaml
@@ -107,8 +107,6 @@ tetragon:
     {}
   # Access Kubernetes API to associate Tetragon events with Kubernetes pods.
   enableK8sAPI: true
-  # Access Cilium API to associate Tetragon events with Cilium endpoints and DNS cache.
-  enableCiliumAPI: false
   # enableProcessCred enables Capabilities visibility in exec and kprobe events.
   enableProcessCred: false
   # enableProcessNs enables Namespaces visibility in exec and kprobe events.